Download the PHP package julesr2/jwt-verifier without Composer

On this page you can find all versions of the php package julesr2/jwt-verifier. It is possible to download/install these versions without Composer. Possible dependencies are resolved automatically.

FAQ

After the download, you have to make one include require_once('vendor/autoload.php');. After that you have to import the classes with use statements.

Example:
If you use only one package a project is not needed. But if you use more then one package, without a project it is not possible to import the classes with use statements.

In general, it is recommended to use always a project to download your libraries. In an application normally there is more than one library needed.
Some PHP packages are not free to download and because of that hosted in private repositories. In this case some credentials are needed to access such packages. Please use the auth.json textarea to insert credentials, if a package is coming from a private repository. You can look here for more information.

  • Some hosting areas are not accessible by a terminal or SSH. Then it is not possible to use Composer.
  • To use Composer is sometimes complicated. Especially for beginners.
  • Composer needs much resources. Sometimes they are not available on a simple webspace.
  • If you are using private repositories you don't need to share your credentials. You can set up everything on our site and then you provide a simple download link to your team member.
  • Simplify your Composer build process. Use our own command line tool to download the vendor folder as binary. This makes your build process faster and you don't need to expose your credentials for private repositories.
Please rate this library. Is it a good library?

Example code of julesr2/jwt-verifier

Informations about the package jwt-verifier

Packagist License Support

Okta JWT Verifier for PHP

As a result of a successful authentication by obtaining an authorization grant from a user or using the Okta API, you will be provided with a signed JWT (id_token and/or access_token). A common use case for these access tokens is to use it inside of the Bearer authentication header to let your application know who the user is that is making the request. In order for you to know this use is valid, you will need to know how to validate the token against Okta. This guide gives you an example of how to do this using Okta's JWT Validation library for PHP.

Release status

This library uses semantic versioning and follows Okta's library version policy.

Version Status
0.x :warning: Beta Release (Retired)
1.x :heavy_check_mark: Release

The latest release can always be found on the [releases page][github-releases].

Installation

The Okta JWT Verifier can be installed through composer.

This library requires a JWT library. We currently support firebase/php-jwt. You will have to install this or create your own adaptor.

To create your own adaptor, just implement the Okta/JwtVerifier/Adaptors/Adaptor in your own class.

You will also need to install a PSR-7 compliant library. We suggest that you use guzzlehttp/psr7 in your project.

Setting up the Library

To validate a JWT, you will need a few different items:

  1. Your issuer URL
  2. The JWT string you want to verify
  3. Access to your vendor autoload file in your script.

Validating an Access Token

After you have a $jwtVerifier from the above section and an access_token from a successful sign in, or from a Bearer token in the authorization header, you will need to make sure that it is still valid. All you need to do is call the verifyAccessToken method (where $jwtString is your access token in string format).

This will validate your JWT for the following:

The result from the verify method is a Jwt object which has a few helper methods for you:

Validating an Id Token

This will validate your JWT for the following:

The result from the verify method is a Jwt object which has a few helper methods for you:


dump($jwt); //Returns instance of \Okta\JwtVerifier\JWT

dump($jwt->toJson()); // Returns Claims as JSON Object

dump($jwt->getClaims()); // Returns Claims as they come from the JWT Package used

dump($jwt->getIssuedAt()); // returns Carbon instance of issued at time
dump($jwt->getIssuedAt(false)); // returns timestamp of issued at time

dump($jwt->getExpirationTime()); //returns Carbon instance of Expiration Time
dump($jwt->getExpirationTime(false)); //returns timestamp of Expiration Time

## Need help?

If you run into problems using the SDK, you can

* Ask questions on the [Okta Developer Forums][devforum]
* Post [issues][github-issues] here on GitHub
* [Working With OAuth 2.0 Tokens](https://developer.okta.com/authentication-guide/tokens/)

## Conclusion

The above are the basic steps for verifying an access token locally. The steps are not tied directly to a framework so
you could plug in the `okta/okta-jwt` into the framework of your choice.

[devforum]: https://devforum.okta.com/
[lang-landing]: https://developer.okta.com/code/php/
[github-issues]: /okta/okta-jwt-verifier-php/issues
[github-releases]: /okta/okta-jwt-verifier-php/releases

All versions of jwt-verifier with dependencies

PHP Build Version
Package Version
Requires php Version ^7.2
nesbot/carbon Version ^2.0
psr/http-message Version ^1.0
php-http/client-common Version ^2.3
php-http/httplug Version ^2.2
php-http/message Version ^1.8
php-http/discovery Version ^1.9
php-http/curl-client Version ^2.1
bretterer/iso_duration_converter Version ^0.1.0
Composer command for our command line client (download client) This client runs in each environment. You don't need a specific PHP version etc. The first 20 API calls are free. Standard composer command

The package julesr2/jwt-verifier contains the following files

Loading the files please wait ....